Title: Phishing web sites features classification based on extreme learning machine
Pub Date: 2018-03-22, DOI: 10.1109/ISDFS.2018.8355342
Yasin Sönmez, T. Tuncer, Hüseyin Gökal, E. Avci
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Phishing is one of the most common and most dangerous attacks among cybercrimes. The aim of these attacks is to steal the information used by individuals and organizations to conduct transactions. Phishing websites contain various hints among their contents and web browser-based information. The purpose of this study is to perform Extreme Learning Machine (ELM) based classification for the 30 features of the Phishing Websites Data in the UC Irvine Machine Learning Repository database. For results assessment, ELM was compared with other machine learning methods such as Support Vector Machine (SVM) and Naïve Bayes (NB), and was found to have the highest accuracy of 95.34%.
Title: An anomaly detection approach for enterprise file integration
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355376
İbrahim Üzüm, Özgü Can
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
An information system based on real-time file integrations has an important role in today's organizations' work process management. With network connectivity, file flow and integration between corporate systems have gained great significance. In addition, network and security issues have emerged depending on the file structure and transfer processes. Thus, a need has arisen for an effective and self-learning anomaly detection module for file transfer processes in order to provide the persistence of integration channels, accountability of transfer logs and data integrity. This paper proposes a novel anomaly detection approach that focuses on file size and integration duration of file transfers between enterprise systems. For this purpose, size and time anomalies in file transfers will be detected by a machine learning-based structure. Later, an alarm system will be developed to inform authenticated individuals about the anomalies.
Title: Information analysis and cyber crimes in Deep Web & Dark Web
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355358
Oguzhan Akyildiz
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
In this study, Deep Web and Dark Web concepts and their relation to each other were evaluated. The working mechanisms of Deep Web and Dark Web were examined, the data collected from these media were analyzed, and the collected data were evaluated in terms of information security. Deep Web and Dark Web environments encountered in the criminal content of cyber actions were classified.
Title: Ceph-based storage server application
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355391
N. Azginoglu, Mehmet Eren, Mete Celik, Z. Aydın
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Ceph is a scalable and high-performance distributed file system. In this study, a Ceph-based storage server was implemented and used actively. This storage system has been used as the disk of 40 virtual servers on 4 different Proxmox servers. Performance evaluation of the system has been conducted on virtual servers that run Windows- and Linux-based operating systems.
Title: A novel secure model: Image steganography with logistic map and secret key
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355320
Mehtap Ulker, Bilgehan Arslan
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Nowadays, with the widespread use of the internet, the use of digital images is increasing. Digital images are attractive for creating a suitable environment for those who want to communicate securely. Data substituted into the least significant bit of these images is not easy to notice, and the ability to embed a large amount of data makes steganography attractive for secure communication. The aim of this paper is to provide secure communication via a new image steganography method using the LSB method with a secret key and a logistic map for generating random numbers. It also compares the method with other approaches in the literature in terms of image quality. As a result, the PSNR is 55.91 at the maximum payload capacity, namely 29127 bytes, which is better than many other steganography algorithms in the literature.
Title: Detection of proxy misconfigurations via log alarms
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355335
Samet Ganal, Mehmet Ali Yalçinkaya, E. Küçüksille
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Today, institutions use proxy products for the internet access of their users and arrange the internet access policies of their users by way of this device. Even though the proxy takes on the internet access load of the institution by itself, it enables many changes during the day. Human errors may occur during operations carried out during the day, and these errors may cause difficulties for the institution with regard to information security. The objective of this study was to enable automatic detection of erroneous configuration on the proxy without any user feedback, before the problem gets out of hand, and to initiate the solution process from the time the problem occurs.
Title: Music based metaheuristic methods for constrained optimization
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355355
Elif Varol Altay, B. Alatas
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
In this work, music-based metaheuristic search methods have been collected and discussed for the first time. Harmony Search Algorithm (HS), which is the most well-known music-based optimization algorithm, its variants, Method of Musical Composition Algorithm (MMC), and Melody Search Algorithm (MSA) have been examined in detail. Their performance tests in terms of different statistical metrics have been carried out with constrained G-suit functions, and the results have been demonstrated comparatively. These algorithms are relatively interesting and novel, and many efficient versions of them can be proposed and adopted for many types of nonlinear complex problems.
Title: Evaluation of convolutional neural network features for malware detection
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355390
Kemal Özkan, Ş. Işık, Yusuf Kartal
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Advances in machine learning technologies have made it possible to detect malicious programs based on static and dynamic features. Moreover, a large body of studies in the literature indicates that malware detection can be handled with a remarkable accuracy rate once converted into the image domain. To realize this, some image-based techniques have been developed together with feature extraction and classifiers in order to discover the relation between malware binaries in grayscale representation. In a similar way, we have contributed CNN features to address the malware detection problem. Findings of experimental research support that malware types can be classified with an 85% accuracy rate when applying the machine learning system to 36 malware families (including the benign type) consisting of 12,279 malware samples. Moreover, we achieved a 99% accuracy rate when conducting an experiment on 25 families having 9,339 malware samples.
Title: Location determination by processing signal strength of Wi-Fi routers in the indoor environment with linear discriminant classifier
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355353
Osman Altay, M. Ulaş
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Location determination in indoor areas as well as in open areas is important for many applications. But location determination in indoor areas is a very difficult process compared to open areas. The Global Positioning System (GPS) signals used for position detection are not effective in indoor areas. Wi-Fi signals are widely used for localization in indoor areas. In indoor areas, localization can be used for many different purposes, such as intelligent home systems, locations of people, and locations of products in the depot. In this study, localization was attempted with a classification method for 4 different areas by using Wi-Fi signal values obtained from different routers for indoor location determination. Linear discriminant analysis (LDA) was used for classification. In the test using 10k fold cross-validation, an accuracy value of 97.2% was calculated.
Title: PROTECT-G: Protection of communications in natural gas transportation systems
Pub Date: 2018-03-01, DOI: 10.1109/ISDFS.2018.8355336
B. Genge, H. Piroska, Hunor Sándor
Published in: 2018 6th International Symposium on Digital Forensic and Security (ISDFS)
The integration of new Information and Communication Technologies (ICT) within the heart of Industrial Control Systems (ICS) generated a large palette of innovative solutions. As such, the industry has undergone a new technological revolution, also known as Industry 4.0. Nevertheless, this also introduced new threats and vulnerabilities, which significantly affected the stability and the functioning of ICS. This paper reports on the integrated solution developed within the PROTECT-G project. PROTECT-G is a joint effort between academia and industry aiming at protecting the communications in legacy gas transportation systems. It provides an integrated set of protection strategies consisting of an industrial multi-layer firewall, anomaly detection systems, data protection strategies, and a remote attestation protocol.